# Filters added to this controller apply to all controllers in the application.
# Likewise, all the methods added will be available for all controllers.

class ApplicationController < ActionController::Base
  helper :all # include all helpers, all the time
  protect_from_forgery # See ActionController::RequestForgeryProtection for details

  # Scrub sensitive parameters from your log
  filter_parameter_logging :password

  helper_method :current_user

  private

  def current_user_session
    return current_user_session if defined?(@current_user_session)
    @current_user = current_user_session = UserSession.find
  end

  def current_user
    return @current_user if defined?(@current_user)
    @current_user = current_user_session && current_user_session.record
  end
  
  def authenticate #any user can access a page as long as they are logged in
    return true if current_user
    current_user_session[:intended_action] = action_name if current_user_session
    flash[:notice] = "You must be logged in to access this feature of qiso."
    redirect_to login_path
    return false
  end

  def authorize_for(right_name) #users must be assigned appropriate roles to access application resources
    flash[:notice] = "There are no rights set up right now, but a filter would be authenticating for the <pre>'#{right_name}'</pre>-Right."
  end
end
